ISACA’s January 2016 Cybersecurity Snapshot looks at cybersecurity issues facing organizations this month and beyond—from reactions to new cybersecurity legislation, to insights on information sharing and top cyber threats.

Among the key findings from nearly 3,000 IT and cybersecurity professionals worldwide:

The top three cyberthreat concerns for 2016 are social engineering, insider threats and advanced persistent threats (APTs).

84 percent of respondents believe there is a medium to high likelihood of a cybersecurity attack disrupting critical infrastructure (e.g., electrical grid, water supply systems) this year.

72 percent of respondents say they are in favor of the US Cybersecurity Act, but only 46% say their organizations would voluntarily participate in cyber threat information sharing, as outlined in the Act.

See the full results and related insights from cybersecurity experts below.

survey results

Featured Graphics

Cybersecurity and the US State of the Union: Expert Insights

Christos K. Dimitriadis, Ph.D., CISA, CISM, CRISC

International President of ISACA and group director of Information Security for INTRALOT

"The Cybersecurity Snapshot shows that the professionals on the front lines of the cyberthreat battle recognize the value of information-sharing among consumers, businesses and government, but also know the challenges associated with doing so.

Cybersecurity has become a high-stakes, boardroom-level issue that can have crippling consequences for any C-suite executive who lacks knowledge about the issues and risks.

Garry Barnes, CISA, CISM, CGEIT, CRISC, MAICD

International Vice President of ISACA and Practice Lead, Governance Advisory at Vital Interacts

"In the last 12 months, we have seen large-scale data losses and service outages at major corporations. Increasingly, organisations are seeking guidance on cybersecurity, and are being asked by their boards of directors and customers on the quality of their security program. We have seen governments worldwide grapple with the multiple challenges of cyber crime, defending national interests, building cybersecurity capabilities and sharing intelligence. And, we see constant debate about the erosion of privacy, while each of us willingly (or unknowingly) divulge more and more of our personal information through social media.

There is no denying the growing role of technology in society today. With that comes a pressing need for more cybersecurity expertise to help conquer today’s challenges and to build tomorrow’s secure solutions. These skills are in demand but the supply falls short.

The findings from this survey are another reminder of the challenges we face and the important role ISACA plays in closing the gap in cybersecurity skills.”

Eddie Schwartz, CISA, CISM, CISSP-ISSEP, PMP

International Vice President of ISACA and president and COO of WhiteOps

“Generally, over the past 15 years, security professionals have sought vehicles for greater information sharing within industry sectors, across industries, and across the public and private sectors.

Historically, organizations only have been willing to share information when certain important conditions are met, such as: explicit release from downstream liability associated with the data sharing; protection of the data from use by unauthorized parties, such as criminals or other cyber adversaries; anonymity; and actionability through a taxonomy that can be technology enabled.

So, aspects of CISA that incentivize and reduce the legal or regulatory liability associated with threat information sharing will be welcome.”

Related Resources

THIS WEBSITE USES INFORMATION GATHERING TOOLS INCLUDING COOKIES, AND OTHER SIMILAR TECHNOLOGY.
BY USING THIS WEBSITE, YOU CONSENT TO USE OF THESE TOOLS. IF YOU DO NOT CONSENT, DO NOT USE THIS WEBSITE. USE OF THIS WEBSITE IS NOT REQUIRED BY ISACA.
OUR PRIVACY POLICY IS LOCATED HERE.